{"_type": "sec_certs.sample.fips.FIPSCertificate", "dgst": "a77b3237cb73acfb", "cert_id": 5132, "web_data": {"_type": "sec_certs.sample.fips.FIPSCertificate.WebData", "module_name": "Chainguard FIPS Provider for OpenSSL", "validation_history": [{"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry", "date": "2026-01-14", "validation_type": "Initial", "lab": "atsec information security corporation"}], "vendor_url": "http://chainguard.dev", "vendor": "Chainguard, Inc.", "certificate_pdf_url": null, "module_type": "Software", "standard": "FIPS 140-3", "status": "active", "level": 1, "caveat": "When operated in approved mode. No assurance of minimum security of SSPs (e.g., keys, bit strings) that are externally loaded, or of SSPs established with externally loaded SSPs.", "exceptions": ["Physical security: N/A", "Non-invasive security: N/A"], "embodiment": "Multi-Chip Stand Alone", "description": "The Chainguard FIPS Provider for OpenSSL is defined as a software module in a multi-chip standalone embodiment. It provides a C language application program interface (API) for use by other applications that require cryptographic functionality. The module consists of one software component, the \u201cFIPS provider\u201d, which implements FIPS requirements, and the cryptographic functionality provided to the operator.", "tested_conf": null, "hw_versions": null, "fw_versions": null, "sw_versions": null, "mentioned_certs": {}, "historical_reason": null, "date_sunset": "2031-01-13", "revoked_reason": null, "revoked_link": null}, "pdf_data": {"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData", "keywords": {"fips_cert_id": {}, "fips_security_level": {"Level": {"Level 1": 3}}, "fips_certlike": {"Certlike": {"HMAC-SHA-1": 4, "SHA-3": 13, "SHA-1": 14, "SHA2-224": 7, "SHA2-256": 9, "SHA2-384": 3, "SHA2-512": 6, "SHA3-224": 1, "SHA3-256": 4, "SHA3-384": 1, "SHA3-512": 1, "SHA2- 224": 1, "SHA2- 256": 2, "SHA1": 1, "PKCS#1": 6, "AES-256": 2, "DRBG 128": 1}}, "vendor": {"Broadcom": {"Broadcom": 1}}, "eval_facility": {"atsec": {"atsec": 99}}, "symmetric_crypto": {"AES_competition": {"AES": {"AES": 50, "AES-256": 2}, "CAST": {"CAST": 53}}, "constructions": {"MAC": {"HMAC": 22, "KMAC": 17, "CBC-MAC": 1, "CMAC": 1}}}, "asymmetric_crypto": {"ECC": {"ECDH": {"ECDH": 6}, "ECDSA": {"ECDSA": 58}, "EdDSA": {"EdDSA": 62}, "ECC": {"ECC": 2}}, "FF": {"DH": {"DH": 40, "Diffie-Hellman": 5}}}, "pq_crypto": {}, "hash_function": {"SHA": {"SHA1": {"SHA-1": 14, "SHA1": 1}, "SHA3": {"SHA-3": 13, "SHA3-224": 1, "SHA3-256": 4, "SHA3-384": 1, "SHA3-512": 1}}, "Keccak": {"Keccak": 1}, "SHAKE": {"SHAKE128": 1, "SHAKE256": 1}, "PBKDF": {"PBKDF2": 10, "PBKDF": 11}}, "crypto_scheme": {"MAC": {"MAC": 26}, "KEX": {"Key Exchange": 3}, "KA": {"Key Agreement": 6}}, "crypto_protocol": {"SSH": {"SSH": 21}, "TLS": {"TLS": {"TLS v1.2": 5, "TLS v1.3": 5, "TLS 1.2": 14, "TLS 1.3": 11, "TLS": 21}}, "IKE": {"IKE": 6}}, "randomness": {"PRNG": {"DRBG": 50}, "RNG": {"RNG": 1, "RBG": 2}}, "cipher_mode": {"ECB": {"ECB": 1}, "CBC": {"CBC": 1}, "CTR": {"CTR": 1}, "CFB": {"CFB": 1}, "OFB": {"OFB": 1}, "GCM": {"GCM": 11}, "CCM": {"CCM": 1}, "XTS": {"XTS": 7}}, "ecc_curve": {"NIST": {"P-192": 17, "P-256": 8, "P-384": 12, "P-521": 10, "curve P-192": 1, "P-224": 12}, "Edwards": {"Ed25519": 6, "Ed448": 4}}, "crypto_engine": {}, "tls_cipher_suite": {}, "crypto_library": {"OpenSSL": {"OpenSSL": 103}}, "vulnerability": {}, "side_channel_analysis": {}, "device_model": {}, "tee_name": {"AMD": {"PSP": 8}, "IBM": {"SSC": 6}}, "os_name": {}, "cplc_data": {}, "ic_data_group": {}, "standard_id": {"FIPS": {"FIPS 140-3": 109, "FIPS186-5": 32, "FIPS 186-5": 27, "FIPS186-4": 6, "FIPS 186-4": 7, "FIPS 198-1": 13, "FIPS 180-4": 9, "FIPS 202": 9, "FIPS PUB 140-3": 1, "FIPS 197": 1}, "NIST": {"SP 800-132": 8, "SP 800-38A": 12, "SP 800-38C": 3, "SP 800-38B": 2, "SP 800-38D": 5, "SP 800-38F": 2, "SP 800-38E": 4, "SP 800-90A": 4, "SP 800-56A": 5, "SP 800-56C": 3, "SP 800-135": 5, "SP 800-108": 2, "SP 800-185": 3, "SP 800-56B": 1, "SP 800-90B": 3}, "PKCS": {"PKCS#1": 3}, "RFC": {"RFC7627": 3, "RFC 8446": 3, "RFC 5288": 3, "RFC8446": 1, "RFC 4253": 1, "RFC 6668": 1, "RFC 3526": 3, "RFC 7919": 3}, "ISO": {"ISO/IEC 24759": 2, "ISO/IEC 19790": 2}}, "javacard_version": {}, "javacard_api_const": {"curves": {"X25519": 2, "X448": 2}}, "javacard_packages": {}, "certification_process": {}}, "policy_metadata": {"pdf_file_size_bytes": 1366651, "pdf_is_encrypted": false, "pdf_number_of_pages": 97, "/Author": "Quin Darcy", "/CreationDate": "D:20260112124424-05'00'", "/Creator": "Microsoft\u00ae Word for Microsoft 365", "/MSIP_Label_4dd2c6e0-f1e3-4cf2-bd0b-256ab4cff3af_ActionId": "b6b81c7b-f55b-4b1d-93a6-8c5b0f86d31c", "/MSIP_Label_4dd2c6e0-f1e3-4cf2-bd0b-256ab4cff3af_ContentBits": "1", "/MSIP_Label_4dd2c6e0-f1e3-4cf2-bd0b-256ab4cff3af_Enabled": "true", "/MSIP_Label_4dd2c6e0-f1e3-4cf2-bd0b-256ab4cff3af_Method": "Privileged", "/MSIP_Label_4dd2c6e0-f1e3-4cf2-bd0b-256ab4cff3af_Name": "UNCLASSIFIED", "/MSIP_Label_4dd2c6e0-f1e3-4cf2-bd0b-256ab4cff3af_SetDate": "2026-01-12T17:36:23Z", "/MSIP_Label_4dd2c6e0-f1e3-4cf2-bd0b-256ab4cff3af_SiteId": "da9cbe40-ec1e-4997-afb3-17d87574571a", "/MSIP_Label_4dd2c6e0-f1e3-4cf2-bd0b-256ab4cff3af_Tag": "10, 0, 1, 1", "/ModDate": "D:20260112124424-05'00'", "/Producer": "Microsoft\u00ae Word for Microsoft 365", "pdf_hyperlinks": {"_type": "Set", "elements": ["https://doi.org/10.6028/NIST.FIPS.197-upd1", "https://www.ietf.org/rfc/rfc8446.txt", "https://doi.org/10.6028/NIST.FIPS.186-5", "https://doi.org/10.6028/NIST.FIPS.180-4", "https://doi.org/10.6028/NIST.FIPS.202", "http://www.ietf.org/rfc/rfc3447.txt", "http://www.atsec.com/", "https://doi.org/10.6028/NIST.SP.800-133r2", "https://doi.org/10.6028/NIST.SP.800-108r1-upd1", "https://doi.org/10.6028/NIST.SP.800-90B", "https://doi.org/10.6028/NIST.SP.800-90Ar1", "https://doi.org/10.6028/NIST.SP.800-131Ar2", "https://doi.org/10.6028/NIST.FIPS.198-1", "https://www.ietf.org/rfc/rfc5288.txt", "https://csrc.nist.gov/CSRC/media/Projects/cryptographic-module-validation-program/documents/fips%20140-3/FIPS%20140-3%20IG.pdf", "https://webstore.ansi.org/standards/ascx9/ansix9632001", "https://www.ietf.org/rfc/rfc3526.txt", "https://doi.org/10.6028/NIST.SP.800-140Br1", "https://www.ietf.org/rfc/rfc7919.txt", "https://webstore.ansi.org/standards/ascx9/ansix9422001"]}}}, "heuristics": {"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics", "algorithms": {"_type": "Set", "elements": []}, "extracted_versions": {"_type": "Set", "elements": ["-"]}, "cpe_matches": null, "verified_cpe_matches": null, "related_cves": null, "policy_prunned_references": {"_type": "Set", "elements": []}, "module_prunned_references": {"_type": "Set", "elements": []}, "policy_processed_references": {"_type": "sec_certs.sample.certificate.References", "directly_referenced_by": null, "indirectly_referenced_by": null, "directly_referencing": null, "indirectly_referencing": null}, "module_processed_references": {"_type": "sec_certs.sample.certificate.References", "directly_referenced_by": null, "indirectly_referenced_by": null, "directly_referencing": null, "indirectly_referencing": null}, "direct_transitive_cves": null, "indirect_transitive_cves": null}, "state": {"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState", "module_download_ok": true, "policy_download_ok": true, "policy_convert_ok": true, "module_extract_ok": true, "policy_extract_ok": true, "policy_pdf_hash": "cc718b6e1ca0eaa7655ba085bec16a09320cf8f76234e0c5d8ce620470a0ecc8", "policy_txt_hash": "91064c727a7111704a29a564db54c648a38c66ac5589fa7a8a9f2262704fe6ce", "policy_json_hash": null}}